Windows XP Service Pack 2 Beta first look

Windows XP SP2 Beta is out, and Ars has a preview heavy on the screenshots, …

A preoccupation with security

If there is one thing Microsoft is preoccupied with right now, it would have to be security. Microsoft is in the news more for security problems with Windows (whether fairly or not) than any other issue. With other operating systems such as Mac OS X (Panther) and Linux (Kernel 2.6) getting significant updates, some are wondering, what Microsoft is up to? A few months ago, developers were given a preview to Microsoft Windows Longhorn. Longhorn is still at least two years away, leaving the rest of us who use the currently-available Windows XP wondering what the next big XP update will hold.

Microsoft has taken the wraps off of Service Pack 2 for Windows XP. At first thought, one might think "big deal?? Service Packs from Microsoft are generally bug squashers." Things are different this time. Service Pack 2 addresses security concerns, fixes previous security issues, and implements new security features. In case you are slow on the uptake, Windows XP Service Pack 2 is all about security.

Slated for release in Summer 2004, SP2 weighs in at a hefty 222MB (which includes debug symbols) in its beta form. Like other Windows Service Packs, installation is straightforward. Upon initial restart, Windows will require you to make a decision about Automatic Updating. This is a great move. Unlike Windows XP SP1, where Windows just floats a notification window detailing the automatic update ability, Service Pack 2 has a full-screen window that refuses to be ignored ? you cannot exit without making a decision.

The Firewall

Upon making your selection Windows continues its initial start-up and you then end up at your desktop. Depending on which programs you have installed, on startup you will immediately notice the revamped Windows XP Internet Connection Firewall (ICF). Reminiscent of Zone Alarm, I was presented with an onslaught of dialog boxes asking me if it is ok for certain programs (MSN Messenger, AIM) to receive data from the Internet.

Internet Connection Firewall dialogue

The dialog box is not very intuitive. "Allow" and "disallow" would be better options than "Configure" and "Close". In SP2 Beta, you need to press "Configure" which then opens the following window.

Internet Connection Firewall modes

The ICF was a part of Windows XP SP1, and for a simple throw-in, it was fairly sound. It provided the features of a stateful firewall (meaning that it has the ability to keep information about the sate of connections) and could also configure itself on the fly with uPNP. In Service Pack 2, Microsoft has built on the foundation of the original firewall. Clicking on the Exceptions tab gives the user a list of programs and services that can be blocked and opened.

Firewall exceptions

Simply checking the appropriate box enables or disables access to the requesting program. With this application-level firewall control, ICF now only opens ports when the appropriate program is running, whereas previous versions would leave the ports open all the time. Clicking "Add" brings you these options:

Adding an exception

Nothing out of the ordinary here, but unlike SP1, this ICF allows you define specific programs and/or ports that can be open to the world. ICF in Windows XP SP1 did not have its modes spelled out as well. With these settings the user can do some basic tuning. The ICF also allows for some granularity in the ports that are open between the different network devices:

Network connections

For those of you that are curious, ICF retains the same level of logging as in the previous versions of Windows. It is on the light side, but it does provide some basic information.

By default ICF denies ICMP requests. This provides another level of protection for your PC. But it also removes one of the oldest tricks in troubleshooting ? it is always nice to be able to ping someone when trying to problem-solve, but with ICMP turned off, the computer will not respond to pings.

IMCP settings

The Service Pack 2 ICF provides one more notch of security above its predecessor. In XP SP1, there was a delay between the initializing of the networking layer and ICF. I always found this problematic, as during Blaster's reign I have seen XP machines with ICF enabled get infected during startup. With the new ICF, Microsoft has inserted a static rule that will allow the firewall to provide protection until the ICF is fully started. With this basic setup the computer will be allowed to communicate with DNS, DHCP, and an AD server for policy reasons.